Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/PCHI5DEkoaLSSxU3656xe4ue7Ww.roa
File: PCHI5DEkoaLSSxU3656xe4ue7Ww.roa (raw, json)
Hash identifier: xfM3BLrMgm/CPgl8wUnpZoxqJH3lNM8sUX/3FAhsCAs=
Subject key identifier: 3C:21:C8:E4:31:24:A1:A2:D2:4B:15:37:EB:9E:B1:7B:8B:9E:ED:6C
Certificate issuer: /CN=6559cf34d4cfc59640862d1e4b79d48d9e4d8e7b
Certificate serial: 0193DEE0F0BC42F4B89222FC4EB2A7451FF1
Authority key identifier: 65:59:CF:34:D4:CF:C5:96:40:86:2D:1E:4B:79:D4:8D:9E:4D:8E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/PCHI5DEkoaLSSxU3656xe4ue7Ww.roa
Signing time: Thu 19 Dec 2024 12:25:03 +0000
ROA not before: Thu 19 Dec 2024 12:25:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213692
IP address blocks: 2a13:dc80::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 19 Dec 2024 13:13:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:de:e0:f0:bc:42:f4:b8:92:22:fc:4e:b2:a7:45:1f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6559cf34d4cfc59640862d1e4b79d48d9e4d8e7b
Validity
Not Before: Dec 19 12:25:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c21c8e43124a1a2d24b1537eb9eb17b8b9eed6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:f3:ba:6c:a3:ff:9d:76:f1:23:50:57:46:3c:
51:b6:f3:69:6f:c9:ce:88:4e:26:f1:85:e1:3b:b9:
c5:3a:0c:c4:6b:4a:c8:b9:20:c1:c3:99:d1:0f:20:
0e:00:8b:e1:51:b6:7f:42:c2:3e:5e:0c:b7:28:87:
a5:3d:57:56:70:20:27:7d:99:f8:90:b7:c1:e7:10:
0e:9b:98:4e:b7:f2:1c:44:17:d3:b3:57:d2:57:88:
aa:b2:3b:68:cb:98:de:b3:c5:04:21:a7:8a:a3:f8:
ba:63:45:5d:09:3a:11:84:c9:91:7a:90:db:ae:93:
6b:89:d9:95:25:c3:e9:56:d6:99:c6:ff:15:53:65:
1b:b3:5e:13:ba:78:62:a3:92:c0:fc:73:97:f7:cb:
e2:03:15:68:cc:15:d6:f3:62:a1:32:42:57:67:de:
b7:1c:45:41:57:85:c1:31:94:6d:33:b1:39:a1:72:
bc:17:3a:56:c3:f0:06:ea:a4:c2:d5:27:bc:59:b1:
ba:79:e1:82:e7:9d:75:c1:2f:1f:25:9b:c9:ab:d7:
9d:b6:1b:94:74:5b:60:1d:8c:62:48:89:64:55:44:
2a:7a:76:ef:d3:52:6a:bb:18:73:51:8f:f2:7e:f9:
0c:01:00:c3:e9:38:fd:fc:ec:71:01:3a:04:e1:64:
aa:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:21:C8:E4:31:24:A1:A2:D2:4B:15:37:EB:9E:B1:7B:8B:9E:ED:6C
X509v3 Authority Key Identifier:
keyid:65:59:CF:34:D4:CF:C5:96:40:86:2D:1E:4B:79:D4:8D:9E:4D:8E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/PCHI5DEkoaLSSxU3656xe4ue7Ww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6a8607-a33a-44af-b2c0-1341de8abe51/1/ZVnPNNTPxZZAhi0eS3nUjZ5Njns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:dc80::/29
Signature Algorithm: sha256WithRSAEncryption
b1:3e:59:17:f4:d2:ec:a0:35:7a:dc:d9:a3:32:95:95:8d:73:
70:f8:9a:5e:50:4d:25:3a:70:03:85:3b:53:27:2e:78:ed:16:
41:e3:e0:53:c0:bf:58:c0:fa:bd:f0:5e:3d:86:83:48:28:32:
56:d2:68:75:09:46:11:cb:46:1f:4f:00:90:41:a3:9c:19:62:
6e:54:50:6d:04:d0:31:e3:4e:d9:1c:b5:f4:ae:f7:40:f8:37:
2a:5f:ee:9f:5f:50:2b:14:18:6a:5a:d5:45:7c:80:60:6c:c9:
4c:ca:30:89:97:29:f0:a3:ee:14:ab:a9:eb:95:aa:83:cc:00:
92:ea:b8:07:79:89:7e:94:11:71:23:29:3d:79:f4:9c:04:ca:
76:9e:b0:f1:f1:f9:06:de:6a:c2:5e:4d:66:bd:59:5a:7b:27:
f6:91:3f:8a:51:e6:45:ad:24:41:e5:a7:17:45:92:f8:db:e3:
20:7f:0b:62:8f:1a:c4:b8:5b:be:d7:1d:b5:d7:0f:38:f7:a5:
83:14:6a:49:4f:ec:3a:40:2c:4d:b7:ad:78:f2:3d:17:de:5e:
f4:ba:eb:64:3c:b9:7f:a9:45:d7:04:08:d0:66:d0:42:35:e9:
24:ca:7b:70:b9:c0:67:6d:c3:ed:25:05:9b:27:a7:13:95:5e:
41:44:c9:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZPe4PC8QvS4kiL8TrKnRR/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1NTljZjM0ZDRjZmM1OTY0MDg2MmQxZTRiNzlkNDhkOWU0
ZDhlN2IwHhcNMjQxMjE5MTIyNTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzIxYzhlNDMxMjRhMWEyZDI0YjE1MzdlYjllYjE3YjhiOWVlZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8fO6bKP/nXbxI1BXRjxRtvNpb8nO
iE4m8YXhO7nFOgzEa0rIuSDBw5nRDyAOAIvhUbZ/QsI+Xgy3KIelPVdWcCAnfZn4
kLfB5xAOm5hOt/IcRBfTs1fSV4iqsjtoy5jes8UEIaeKo/i6Y0VdCToRhMmRepDb
rpNridmVJcPpVtaZxv8VU2Ubs14Tunhio5LA/HOX98viAxVozBXW82KhMkJXZ963
HEVBV4XBMZRtM7E5oXK8FzpWw/AG6qTC1Se8WbG6eeGC5511wS8fJZvJq9edthuU
dFtgHYxiSIlkVUQqenbv01JquxhzUY/yfvkMAQDD6Tj9/OxxAToE4WSqtwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDwhyOQxJKGi0ksVN+uesXuLnu1sMB8GA1UdIwQY
MBaAFGVZzzTUz8WWQIYtHkt51I2eTY57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlZuUE5OVFB4WlpBaGkwZVMzblVqWjVOam5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82YTg2MDctYTMzYS00NGFmLWIyYzAt
MTM0MWRlOGFiZTUxLzEvUENISTVERWtvYUxTU3hVMzY1NnhlNHVlN1d3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82YTg2MDctYTMzYS00NGFmLWIyYzAtMTM0MWRlOGFiZTUx
LzEvWlZuUE5OVFB4WlpBaGkwZVMzblVqWjVOam5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPcgDAN
BgkqhkiG9w0BAQsFAAOCAQEAsT5ZF/TS7KA1etzZozKVlY1zcPiaXlBNJTpwA4U7
UycueO0WQePgU8C/WMD6vfBePYaDSCgyVtJodQlGEctGH08AkEGjnBliblRQbQTQ
MeNO2Ry19K73QPg3Kl/un19QKxQYalrVRXyAYGzJTMowiZcp8KPuFKup65Wqg8wA
kuq4B3mJfpQRcSMpPXn0nATKdp6w8fH5Bt5qwl5NZr1ZWnsn9pE/ilHmRa0kQeWn
F0WS+NvjIH8LYo8axLhbvtcdtdcPOPelgxRqSU/sOkAsTbetePI9F95e9LrrZDy5
f6lF1wQI0GbQQjXpJMp7cLnAZ23D7SUFmyenE5VeQUTJNw==
-----END CERTIFICATE-----
Generated at Sun May 11 04:06:08 2025 by rpki-client